﻿/// ****************************************************************************
/// Author:	        Robin Zhu
/// Create Date:	2012-4-28
/// Purpose: 		用于用户验证Http模块
/// ****************************************************************************
/// Modify By		Date			Remark
/// Robin           2013-12-27      增加对WCF service的检查
/// ****************************************************************************
/// 
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web;
using System.Security.Principal;
using System.Configuration;
using System.Web.Security;
using System.Web.Routing;
using System.Diagnostics;

namespace RB.Web.Security
{
    public class VarAuthenticationModule : IHttpModule
    {
        public void Dispose()
        {
        }

        public void Init(HttpApplication context)
        {
            context.AuthenticateRequest += new EventHandler(OnEnter);
        }

        void OnEnter(object sender, EventArgs e)
        {
            HttpApplication app = (HttpApplication)sender;
            HttpContext context = app.Context;

            if (context != null && context.Request != null)
            {
                if (context.Request.CurrentExecutionFilePathExtension == ""
                    || context.Request.CurrentExecutionFilePathExtension == ".aspx"
                    || context.Request.ServerVariables["HTTP_SOAPACTION"] != null)
                {
                    Debug.Print("AuthenticateRequest: " + context.Request.Url.AbsolutePath);
                    VarAuthentication.Authenticate(context);

                    if (VarAuthentication.IsLoginPage(context.Request.Url) ||
                        VarAuthentication.IsAccessDeniedPage(context.Request.Url))
                        context.SkipAuthorization = true;
                }
                else
                {
                    context.SkipAuthorization = true;
                }
            }
        }


    }


}
